1495 matches found
CVE-2025-13912
Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks...
wolfSSL 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL versions prior to 5.8.4 that stems from an LLVM optimization that results in timing differences and may...
PT-2025-50637
Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 5.8.4 Description Certain constant-time implementations within wolfSSL may be altered by LLVM optimizations into non-constant-time binaries. This transformation can introduce observable timing discrepancies, potential...
Linux Distros Unpatched Vulnerability : CVE-2025-13912
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non- constant-time binary by LLVM optimizations, which can...
curl: Stack Buffer Overflow in cURL wolfSSL Backend (lib/vtls/wolfssl.c)
Summary: A stack-based buffer overflow exists in the wsslstrerror function of cURL's wolfSSL TLS backend. The function uses an unsafe strcpy call, relying solely on a DEBUGASSERT macro for boundary checking. This macro is disabled in production release builds -DNDEBUG, allowing memory corruption...
FreeBSD : wolfssl -- multiple issues (ba02dfb6-ce31-11f0-a327-589cfc01894a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ba02dfb6-ce31-11f0-a327-589cfc01894a advisory. wolfSSL blog reports: This release includes multiple fixes across TLS 1.2, TLS 1.3, X25519,...
DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
...
Forward Secrecy Violation in WolfSSL TLS 1.3
...
CVE-2025-11934
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...
CVE-2025-11933
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions...
CVE-2025-11936
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...
EUVD-2025-198527
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...
EUVD-2025-198524
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...
EUVD-2025-198525
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions...
wolfSSL 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL that stems from the fact that any weaker digest algorithm can be used by the client when connecting using...
Linux Distros Unpatched Vulnerability : CVE-2025-11934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for...
Linux Distros Unpatched Vulnerability : CVE-2025-11936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a...
Linux Distros Unpatched Vulnerability : CVE-2025-11933
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to...
CVE-2025-11933
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions...
CVE-2025-11934
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...